PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

A novel approach to users' authentication and authorization

Autorzy
Identyfikatory
Warianty tytułu
PL
Nowatorskie podejście do uwierzytelniania i autoryzacji użytkowników
Języki publikacji
EN
Abstrakty
EN
In this paper, an adaptive method of users’ authentication and authorization is proposed. With Bring Your Own Device postulate, working conditions and users’ habits have changed and the users connect to company resources with their own devices. This situation poses a severe threat to security, but tightening security rules is not always an option. This brought a need of an adaptive system, which would choose methods adequate to the current threat level. Proposed solution not only minimizes the risk of unauthorized access to company’s data, but also simplifies users’ authentication process.
PL
W niniejszym artykule została zaproponowana nowatorska – adaptacyjna metoda uwierzytelniania i autoryzacji użytkowników. Zbudowany w myśl tego podejścia adaptacyjny system testowy dobiera metody autoryzacji i uwierzytelniania adekwatne do obecnego poziomu zagrożenia. Proponowane rozwiązanie nie tylko minimalizuje ryzyko nieuprawnionego dostępu do danych firmy, ale tak upraszcza proces uwierzytelniania użytkowników.
Czasopismo
Rocznik
Strony
5--22
Opis fizyczny
Bibliogr. 19 poz.
Twórcy
autor
  • Wroclaw University of Technology, Department of Computer Engineering
autor
  • Wroclaw University of Technology, Department of Computer Engineering
Bibliografia
  • 1. An essential and strategic solution for service provider Wi-Fi deployments (2014) [Online]: http://www.wi-fi.org/file/wi-fi-certified-passpoint-an-essential-and-strategicsolution-for-service-provider-wi-fi
  • 2. Cisco annual security report. (2015) [Online]: http://www.cisco.com/web/offers/lp/2015-annual-security-report/index.html
  • 3. Deja vu Security Overview (2014) [Online]: http://peachfuzzer.com/pdf/Deja_Overview-DejaVuSecurity-Datasheet-2014.f.pdf
  • 4. Computer Virus facts and stats (2014) [Online]: http://cloudtweaks.com/2014/04/cloudinfographic-computer-virus-facts-stats/
  • 5. Is OpenAM or OAM the better fit for replacing OpenSSO? (2013) [Online]:http://www.ssocircle.com/en/1284/openam-oam-the-better-fit-for-replacing-opensso/
  • 6. Mobile Malware report - A New Look at Old Threats (2014) BLUE COAT SYSTEMS [Online]: https://www2.bluecoat.com/ja
  • 7. Overall Statistics for 2013. Kaspersky Security Bulletin. (2013) [Online]: http://securelist.com/analysis/kaspersky-security-bulletin/58265/kaspersky-securitybulletin-2013-overall-statistics-for-2013/
  • 8. Passfaces Technology – Graphical Password Technology (2014) [Online]: http://www.realuser.com/enterprise/resources/what_is_two_factor_authentication.htm
  • 9. Bailey C., D. Chadwick W., Lemos R.D.: Self-adaptive authorization framework for policy based RBAC/ABAC models, Proceedings of the IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing, ser. DASC ‘11. Washington, DC, USA: IEEE Computer Society, p. 37-44. (2011) [Online]: http://dx.doi.org/10.1109/DASC.2011.31
  • 10. ForgeRock. Open identity stack: Forging a new future for identity and access management (2014). [Online]: http://www.forgerock.com/media/filer_public/e5/16/e516c8d9-ba86-46fd-bef8-386ebe6da11b/whitepaper_openidentitystack.pdf
  • 11. Gao J., Zhang B., Ren Z.: A dynamic authorization model based on security label and Role, IEEE International Conference on Information Theory and Information Security (ICITIS), p. 650-653 (2010).
  • 12. Gkarafli S., Economides A.: Comparing the proof by knowledge authentication techniques, International Journal of Computer Science and Security (IJCSS), Volume 4, Issue 2, p. 237-255 (2011).
  • 13. Hollestelle G., Schuurmans T.: Online authentication methods. Evaluate the strength of online authentication methods (2008) [Online]: http://staff.science.uva.nl/~delaat/rp/2007-2008/p30/report.pdf
  • 14. Irakleous I., Furnell S. M., Dowland P. S., Papadaki M.: An experimental comparison of secret-based user authentication technologies. Information Management and Computer Security, 10(3): p. 100-108, (July 2002).
  • 15. Mendyk-Krajewska T., Mazur Z.: Problem of network security threats, 3rd Conference on Human System Interactions, p. 436-443 (May 2010).
  • 16. Miller K., Voas J., Hurlburt G., BYOD: Security and privacy considerations, IT Professional, vol. 14, no. 5, p. 53-5, Sept.-Oct. (2012) [Online]: http://dx.doi.org/10.1109/MITP.2012.93
  • 17. Smith R.: Authentication - from passwords to public keys. Addison-Wesley, (2002).
  • 18. Todorov D.: Mechanics of User Identification and Authentication: Fundamentals of Identity Management, 1st ed. AUERBACH, (June 2007).
  • 19. Venkatesan R., Bhattacharya S.: Threat-adaptive security policy, Performance, Computing, and Communications Conference. IPCCC 1997. IEEE International, p. 525-531, (Feb 1997), http://dx.doi.org/10.1109/PCCC.1997.581559
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-6cfcaf96-a68e-438a-b55f-b4924e2f1f2b
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.